Impose allocation size limit in fx_memory_malloc.cpp

Get consistency between this code and what Partition Alloc currently
imposes to minimize differences between build configurations.

Change-Id: I9fa30dca48ca98ec7abfdc681404cd6a316256bb
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/101630
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
diff --git a/core/fxcrt/fx_memory_malloc.cpp b/core/fxcrt/fx_memory_malloc.cpp
index 3f2d4bd..00144a0 100644
--- a/core/fxcrt/fx_memory_malloc.cpp
+++ b/core/fxcrt/fx_memory_malloc.cpp
@@ -8,30 +8,39 @@
 
 #include <stdlib.h>
 
+#include <limits>
+
 #include "build/build_config.h"
 #include "core/fxcrt/fx_safe_types.h"
 
 namespace pdfium {
 namespace internal {
 
+// Slightly less than 2GB, typically.
+constexpr size_t kMallocSizeLimit = std::numeric_limits<int>::max() - (1 << 12);
+
 void* Alloc(size_t num_members, size_t member_size) {
   FX_SAFE_SIZE_T total = member_size;
   total *= num_members;
-  if (!total.IsValid())
+  if (!total.IsValid() || total.ValueOrDie() >= kMallocSizeLimit)
     return nullptr;
   return malloc(total.ValueOrDie());
 }
 
 void* Calloc(size_t num_members, size_t member_size) {
+  FX_SAFE_SIZE_T total = member_size;
+  total *= num_members;
+  if (!total.IsValid() || total.ValueOrDie() >= kMallocSizeLimit)
+    return nullptr;
   return calloc(num_members, member_size);
 }
 
 void* Realloc(void* ptr, size_t num_members, size_t member_size) {
-  FX_SAFE_SIZE_T size = num_members;
-  size *= member_size;
-  if (!size.IsValid())
+  FX_SAFE_SIZE_T total = num_members;
+  total *= member_size;
+  if (!total.IsValid() || total.ValueOrDie() >= kMallocSizeLimit)
     return nullptr;
-  return realloc(ptr, size.ValueOrDie());
+  return realloc(ptr, total.ValueOrDie());
 }
 
 void* StringAlloc(size_t num_members, size_t member_size) {